PHP Post mechanism for Feedback, Tasks and cooperation
106 views
Skip to first unread message
Jan
Apr 17, 2018, 5:57:20 PM4/17/18
to TiddlyWiki
Hello,
I have been seeking for a method to allow students to post contributions
in the form that I easily can import as a Tiddler.
Now finally I built a very basic mechanism to post a Tiddler to a
directory called post as a tid.
It consists of two parts
1. The Upload-button (which is trancluded by a viewTemplate
\define ExportTid() {{$(storyTiddler)$||$:/core/templates/tid-tiddler}}
<$wikify name="ExTid" text=<<ExportTid>> >
<form action="post.php" method="post">
<span>title:<input type="text" name="title"
value=<<storyTiddler>>></span><br>
<span>tiddler:<input type="text" name="content" value=<<ExTid>> ></span><br>
<input type="submit" value="Hochladen">
</form>
</$wikify>
2. The post.php
<?php
$title = $_POST['title'];
$content = $_POST['content'];
$postfile = fopen('post/'.$title.'.tid', "w") or die("Unable to open
file!");
fwrite($postfile, $content);
fclose($postfile);
?>
So far it generates a Tid which looks like exactly like the an exported
.Tid-file but appear to empty when importing it to TW.
And it closes the wiki.
So there is still a quite bunch of Questions to be solved:
1. What is wrong with my .tid file?
2. How do I avoid the TW form being closed when calling the php?
3. Is there a way to trigger a TW-action with the same click that
submits the form?
4. (a php-question)How can I avoid beeing pwned by someone inducing a
php through this mechanism.
I hope you can help me solving these things...
Jan
I have been seeking for a method to allow students to post contributions
in the form that I easily can import as a Tiddler.
Now finally I built a very basic mechanism to post a Tiddler to a
directory called post as a tid.
It consists of two parts
1. The Upload-button (which is trancluded by a viewTemplate
\define ExportTid() {{$(storyTiddler)$||$:/core/templates/tid-tiddler}}
<$wikify name="ExTid" text=<<ExportTid>> >
<form action="post.php" method="post">
<span>title:<input type="text" name="title"
value=<<storyTiddler>>></span><br>
<span>tiddler:<input type="text" name="content" value=<<ExTid>> ></span><br>
<input type="submit" value="Hochladen">
</form>
</$wikify>
2. The post.php
<?php
$title = $_POST['title'];
$content = $_POST['content'];
$postfile = fopen('post/'.$title.'.tid', "w") or die("Unable to open
file!");
fwrite($postfile, $content);
fclose($postfile);
?>
So far it generates a Tid which looks like exactly like the an exported
.Tid-file but appear to empty when importing it to TW.
And it closes the wiki.
So there is still a quite bunch of Questions to be solved:
1. What is wrong with my .tid file?
2. How do I avoid the TW form being closed when calling the php?
3. Is there a way to trigger a TW-action with the same click that
submits the form?
4. (a php-question)How can I avoid beeing pwned by someone inducing a
php through this mechanism.
I hope you can help me solving these things...
Jan
xanato...@gmail.com
Apr 17, 2018, 6:38:12 PM4/17/18
to TiddlyWiki
Hello Jan,
the .tid file format is as follows (between the - lines):
----------------------------------------------------
field1: value of field1
field2: value of field2
content of tiddler
-----------------------------------------------------
so your file is only one line long.
the import process can also not finish, because it sees a tiddler with one field.
hope that helps.
quaraman
the .tid file format is as follows (between the - lines):
----------------------------------------------------
field1: value of field1
field2: value of field2
content of tiddler
-----------------------------------------------------
so your file is only one line long.
the import process can also not finish, because it sees a tiddler with one field.
hope that helps.
quaraman
Jan
Apr 17, 2018, 7:42:38 PM4/17/18
to tiddl...@googlegroups.com
Hello and thanks Quaraman,
how can I get the missing characters (is it /n) in to the file if the form?
I guess it is the wikifikation that causes the trouble but without nothing gets inserted at all...
Jan
how can I get the missing characters (is it /n) in to the file if the form?
I guess it is the wikifikation that causes the trouble but without nothing gets inserted at all...
Jan
--
You received this message because you are subscribed to the Google Groups "TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+...@googlegroups.com.
To post to this group, send email to tiddl...@googlegroups.com.
Visit this group at https://groups.google.com/group/tiddlywiki.
To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/eb85c7c5-c36d-4e3d-9429-bb152c31b533%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
xanato...@gmail.com
Apr 18, 2018, 6:18:22 AM4/18/18
to TiddlyWiki
Hi Jan,
the best I would do is to separate the fields in different questions to the user:
1.
the best I would do is to separate the fields in different questions to the user:
1.
<form action="post.php" method="post">
<span>title:<input type="text" name="title" value=<<currentTiddler>>></span><br/>
Created: <input type="text" name="created"></text><br/>
Info1 wanted from user: <textarea name="info1"></text><br/>
Body: <textarea name="body"></text><br/>
Created: <input type="text" name="created"></text><br/>
Info1 wanted from user: <textarea name="info1"></text><br/>
Body: <textarea name="body"></text><br/>
<input type="submit" value="Hochladen">
</form>
2. The post.php
<?php
$title = $_POST['title'];
<?php
$title = $_POST['title'];
$created = $_POST['created'];
$info1 = $_POST['info1'];
$body = $_POST['body'];
//this use a heredoc for php as explained here: http://php.net/manual/en/language.types.string.php
$content= <<<EOD
title: $title
created: $created
! Info1 answer from user
$info1
$body
EOD;
$info1 = $_POST['info1'];
$body = $_POST['body'];
//this use a heredoc for php as explained here: http://php.net/manual/en/language.types.string.php
$content= <<<EOD
title: $title
created: $created
! Info1 answer from user
$info1
$body
EOD;
$postfile = fopen('post/'.$title.'.tid', "w") or die("Unable to open file!");
fwrite($postfile, $content);
fclose($postfile);
?>
That should do the trick.
the time and day of the user send data can also be calculated, in php / tiddlywiki
php: look at http://php.net/manual/en/function.date.php
tiddlywiki look at: https://tiddlywiki.com/#now%20Macro
QuaraMan
the time and day of the user send data can also be calculated, in php / tiddlywiki
php: look at http://php.net/manual/en/function.date.php
tiddlywiki look at: https://tiddlywiki.com/#now%20Macro
QuaraMan
Jan
Apr 19, 2018, 4:47:08 PM4/19/18
to tiddl...@googlegroups.com
Hi Quaraman,
thanks, I tried out the code, (http://szenio.de/Kommentare/#Version%20Q)
Your approach is to rebuild the .tid-file.
I would like to extract it by means of the template because I also want to have various fields in different usecases (geo-tagging, image und video-urls etc)
Therefore I would like to use the template which exports tid-files {{$(storyTiddler)$||$:/core/templates/tid-tiddler}} .
Do you have any ideas for preventing the Wiki from closing when pressing submit and showing the message in a modal instead.
Jan
thanks, I tried out the code, (http://szenio.de/Kommentare/#Version%20Q)
Your approach is to rebuild the .tid-file.
I would like to extract it by means of the template because I also want to have various fields in different usecases (geo-tagging, image und video-urls etc)
Therefore I would like to use the template which exports tid-files {{$(storyTiddler)$||$:/core/templates/tid-tiddler}} .
Do you have any ideas for preventing the Wiki from closing when pressing submit and showing the message in a modal instead.
Jan
To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/38b150b4-73a7-43de-bda9-2ddc6db4cf96%40googlegroups.com.
xanato...@gmail.com
Apr 20, 2018, 6:37:51 AM4/20/18
to TiddlyWiki
Hi Jan,
to prevent closing you need to say the form that this is not wished:
<form action="post.php" method="post" target="hidden-form">
to prevent closing you need to say the form that this is not wished:
<form action="post.php" method="post" target="hidden-form">
<span>title:<input type="text" name="title" value=<<currentTiddler>>></span><br/>
Created: <input type="text" name="created"></text><br/>
Info1 wanted from user: <textarea name="info1"></text><br/>
Body: <textarea name="body"></text><br/>
<input type="submit" value="Hochladen">
</form>
<iframe style="display:none" name="hidden-form"></iframe>
please note the target attribute in the form opening.
and the iframe at the end.
to your question if it is possible to insert php code trough this input:
yes someone can input php code. but this code is not executed.
as long as you only do string operation with the user input, I see no way how any php code is able to be executed.
only then you include the tiddlywiki file in your php script with a include statement it is possible that such code get executed.
so far from me
QuaraMan
please note the target attribute in the form opening.
and the iframe at the end.
to your question if it is possible to insert php code trough this input:
yes someone can input php code. but this code is not executed.
as long as you only do string operation with the user input, I see no way how any php code is able to be executed.
only then you include the tiddlywiki file in your php script with a include statement it is possible that such code get executed.
so far from me
QuaraMan
Jed Carty
Apr 20, 2018, 8:00:35 AM4/20/18
to TiddlyWiki
I added comments to one of my tiddlywikis (ooktech.com/jed/externalbrain) using hashover. It is a php-based commenting system. It is a big rough but the code for importing the comments as tiddlers may help. Some changes we made to our hosting setup broke the commenting system and I have been working on putting the multi-user tiddlywiki on line instead of bothering to fix it, but maybe some of how I import the comments may help a bit if you haven't already made a working system. The instructions for setting up hashover as a commenting system are here: https://ooktech.com/jed/externalbrain/#Adding%20comments%20sections%20to%20tiddlers%20on%20a%20tiddlywiki%20using%20hashover
Jan
Apr 20, 2018, 8:04:47 PM4/20/18
to tiddl...@googlegroups.com
Hi Jed,
thanks, hashover looks very interesting on their but i could not get to see it running. I fear this is much more complicated.
What I want is far simpler... not a real comment system that allows discussions but a simple way of exporting entire Tiddlers as Tid-files to reimport them.
Jan Johannpeter
thanks, hashover looks very interesting on their but i could not get to see it running. I fear this is much more complicated.
What I want is far simpler... not a real comment system that allows discussions but a simple way of exporting entire Tiddlers as Tid-files to reimport them.
Jan Johannpeter
Am 20.04.2018 um 14:00 schrieb Jed Carty:
I added comments to one of my tiddlywikis (ooktech.com/jed/externalbrain) using hashover. It is a php-based commenting system. It is a big rough but the code for importing the comments as tiddlers may help. Some changes we made to our hosting setup broke the commenting system and I have been working on putting the multi-user tiddlywiki on line instead of bothering to fix it, but maybe some of how I import the comments may help a bit if you haven't already made a working system. The instructions for setting up hashover as a commenting system are here: https://ooktech.com/jed/externalbrain/#Adding%20comments%20sections%20to%20tiddlers%20on%20a%20tiddlywiki%20using%20hashover
--
You received this message because you are subscribed to the Google Groups "TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+...@googlegroups.com.
To post to this group, send email to tiddl...@googlegroups.com.
Visit this group at https://groups.google.com/group/tiddlywiki.
To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/534f27f5-e49f-4bd1-a6c7-eea4fb8e2eca%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages